Cybercriminals Deploy XLoader Malware Using Eclipse Jarsigner in ZIP Archives
A malware campaign spreading XLoader malware uses DLL side-loading by exploiting a legitimate Eclipse Foundation tool, jarsigner, which is part of the IDE package. The malware is distributed via ZIP [...]
Phishing targets CEOs, CTOs, and top decision-makers
A recent phishing campaign by Hackmosphere exposed vulnerabilities among top decision-makers, like CEOs and CTOs. The study highlights how cybercriminals use social engineering tactics to target high-ranking executives, stressing the [...]
Fake Chrome Update Drops DriverEasy Malware via Dropbox
Researchers discovered that the malware, disguised as a Chrome update, uses Dropbox’s API to steal credentials and is linked to North Korea’s “Contagious Interview” cyber-espionage campaign. Fake Chrome Update Installs [...]
PoC exploit released for vulnerabilities in Ivanti Endpoint Manager
Researchers found four critical Ivanti EPM vulnerabilities allowing unauthenticated attackers to exploit machine credentials for relay attacks. Patched in January 2025 after discovery in October 2024. All about the Ivanti [...]
New LLM Vulnerability Puts AI Models Like ChatGPT at Risk
A newly discovered vulnerability in LLMs like ChatGPT raises concerns about adversarial attacks, where techniques like prompt injection can manipulate outputs or expose sensitive data. All about LLM Vulnerability Prompt [...]
Get Social